On the Security of Some Proxy Signature Schemes

Digital signature scheme is an important research topic in cryptography. An ordinary digital signature scheme allows a signer to create signatures of documents and the generated signatures can be verified by any person. A proxy signature scheme, a variation of ordinary digital signature scheme, enables a proxy signer to sign messages on behalf of the original signer. To be used in different applications, many proxy signatures were proposed. In this paper, we review Lee et al.’s strong proxy signature scheme, multi-proxy signature scheme, and its application to a secure mobile agent, Shum and Wei’s privacy protected strong proxy signature scheme, and Park and Lee’s nominative proxy signature scheme, and show that all these proxy signature schemes are insecure against the original signer’s forgery. In other words, these schemes do not possess the unforgeability property which is a desired security requirement for a proxy signature scheme.

[1]  A. Taher Cryptography and logarithms over finite fields , 1984 .

[2]  T. Elgamal A public key cryptosystem and a signature scheme based on discrete logarithms , 1984, CRYPTO 1984.

[3]  K. Nyberg New digital signature scheme based on discrete logarithm , 1994 .

[4]  Seungjoo Kim,et al.  Nominative Signatures ( Extended Abstract ) , 1995 .

[5]  Victor K.-W. Wei,et al.  A strong proxy signature scheme with proxy signer privacy protection , 2002, Proceedings. Eleventh IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises.

[6]  Byoungcheon Lee,et al.  Strong Proxy Signature and its Applications , 2000 .

[7]  Byoungcheon Lee,et al.  Secure Mobile Agent Using Strong Non-designated Proxy Signature , 2001, ACISP.

[8]  Eiji Okamoto,et al.  Proxy signatures for delegating signing operation , 1996, CCS '96.

[9]  Christian F. Tschudin,et al.  Towards mobile cryptography , 1998, Proceedings. 1998 IEEE Symposium on Security and Privacy (Cat. No.98CB36186).

[10]  Dongho Won,et al.  Proxy signatures, Revisited , 1997, ICICS.

[11]  David Chaum,et al.  Zero-Knowledge Undeniable Signatures , 1991, EUROCRYPT.

[12]  Patrick Horster,et al.  Self-certified keys — Concepts and Applications , 1997 .

[13]  Panayiotis Kotzanikolaou,et al.  Secure Transactions with Mobile Agents in Hostile Environments , 2000, ACISP.

[14]  Kan Zhang,et al.  Threshold Proxy Signature Schemes , 1997, ISW.

[15]  Hung-Min Sun,et al.  Remark on Two Nonrepudiable Proxy Signature Schemes , 1999 .

[16]  David Chaum,et al.  Undeniable Signatures , 1989, CRYPTO.

[17]  M. Mambo,et al.  Proxy Signatures: Delegation of the Power to Sign Messages (Special Section on Information Theory and Its Applications) , 1996 .

[18]  David Chaum,et al.  Blind Signatures for Untraceable Payments , 1982, CRYPTO.